DB Manager: SSL Default profile working?

Wappler 2.9.1
MacOS Catalina

Can’t access remotely to a Heroku PG database.

They provision their DBs with Amazon AWS but SSH is not needed.

ec2-sampleid.eu-west-1.compute.amazonaws.com

The connection data is OK as I have my desktop PG database app connecting without problems.

If you need credentials to investigate please let me know and I’ll send them via PM.

Additional links with info:

Is the default SSL profile trying t make an SSL connection via knex? I have the feeling it’s not.

If only I could get my hands on the SDK flavour…
Trying to debug the DatabaseManager without a debugger is like trying to solve P vs NP being me.

You probably have to choose the custom SSL profile and supply the heroku CA

I doubt it’s that because I can connect through my desktop app(tableplus) only with the string details. I know knex has had some issues in the past with postgres via ssl and it requires specific setup.

If they use AWS then you should choose the AWS profile.

Default doesn’t use any profiles at all

You think I haven’t tried? :smiley:

:smile:

Seems a special Knex connection is needed with pools or so?

You can try to adjust it manually at the:

.wappler/target_name/databases/connection_name.json

Where target_name is your target and connection_name is your db connection name.

In this json file you will see a “connection” key that is passed to Knex

So you try adjusting it and let me know what works for you.

Or experiment with a simple Knex js file to get it working first.

1 Like
var knex = require('knex')({
    client: 'postgresql',
    connection: {
        host: '',
        user: '',
        password: '',
        database: '',
        ssl: { "rejectUnauthorized": false }
    }
});

knex.raw('select 1+1 as result').then(function () {
    console.log("Connection succesful")
});

image

It seems to be a specific issue with how node handles SSL certificates.

ssl: true

This seems to be deprecated.

https://nodejs.org/api/tls.html#tls_tls_connect_options_callback

Had to add it manually as the DB Manager connection window still tests negative against it. It is first checking against the w2ui record the connection without the right ssl object created.

Solution:

"ssl": {
      "rejectUnauthorized": false
    }

Send 6-pack of beer for fixing bug.

1 Like

Awesome - thanks for the research - now I just add it to be used always :smile:

1 Like